The Spyware Weekly Newsletter is distributed every week to 20,000 subscribers and read online by hundreds of thousands of visitors. Please read our Terms of Use for quoting guidelines. http://www.spywareinfoforum.info/newlsetter/dec21,2004.

Wherever the term "adware" is used, it is referring to a category of software, not to any particular company or product.

Have a Merry Christmas and a Happy New Year everyone.

p.s. And don't eat too much turkey.

Permalink | Top

Reporters around the world seem stunned by the news that Microsoft is about to become a player in the antispyware world. I can't imagine why everyone is so surprised since Microsoft announced their intention to do just that nearly a year ago.

Microsoft has purchased Giant Company, the maker of antispam and antispyware products. They plan to offer it free to Windows users very soon. Eventually they will begin charging for the program.

I am kind of embarrassed about this. Somehow I have managed to overlook completely the existence of Giant Antispyware. Having read up on it, it sounds like a very good program. Every review of the program is positive and it does very well in head-to-head comparison with other antispyware programs. Some tests even show it beating out Ad-aware and Spybot.

Microsoft seems to have bought itself a winner here. Let's hope they don't ruin the program. It wouldn't be the first time a good product was bought by a much larger company, who then turned it into a hopeless, bloated mess.

Permlink | Top

Program: Spy Sweeper
Author: Webroot Software
Platform: Windows 95, 98, ME, NT, 2000, XP
One Year Package: $29.95 Now only $19.95
Two Year Package: $39.95 Now only $29.95
Prices valid until January 4, 2005
Purchase: http://www.webroot.com/land/land-spysweeper_dec_jan.php?rc=325

Spy Sweeper is an antispyware program from Webroot. It has received some very favorable reviews and awards. Spy Sweeper was named PC Magazine's Editors' Choice in March 2004.

Spy Sweeper absolutely rocks. On my computer (Athlon XP 2400, 1024MB RAM), Spy Sweeper scans in less than twenty seconds. You also can set it to do a much more extensive scan of the entire hard drive. This takes much longer (about 7 minutes on my machine), so I would advise doing this when the computer is not being used. Spy Sweeper will let you schedule an automatic scan, so this is no problem.

The slick interface is very user-friendly and intuitive. You can install this on your grandmother's PC and she will have no trouble using it. If you don't know what a particular button does, just hover the mouse over it for a description.

Spy Sweeper will detect and eradicate virtually every known adware, spyware, browser hijacker and porn dialer out there and it is updated soon after new ones are discovered. It also seeks out surveillance spyware and keylogging trojans.

Spy Sweeper provides active protection against home page hijackers and cookies belonging to web sites known to invade your privacy. It also monitors your PCs memory to watch for targets being loaded in the background.

The results list, showing the targets found after a scan, is the best of any antispyware program. If 20 components are found that all belong to Gator, Spy Sweeper will collapse those results to a single line. Most other antispyware displays an enormous list of individual items and that makes it hard to read. Expand the listing and it will show you each component it found along with its location.

At the bottom, Spy Sweeper shows detailed information about each component, including location, and to which category it belongs. If you want more information about a particular item that has been detected, highlight that item in the list and click the "More Details" button to be taken to Webroot's online database to read more about it. Not everything has a description yet, but they are adding more to it all the time.

Spy Sweeper is careful to point out when removing a particular piece of adware will cause the program that installed it to stop working. Some free programs such as KaZaA will stop working if you remove the obnoxious adware bundled with it, so this is a nice feature.

If you have any problems with the purchase page, please email my partner Catherine.

Permalink | Top

One of the hard drives in my computer has died with no warning. I don't have the slightest idea what happened to it. I rebooted the computer one day and the hard drive just decided to go on strike. It is reading as an "empty drive" to both the Windows and Linux installers and won't even show in Explorer. I ran GRC's SpinRite program and it was no help at all.

Unfortunately for me, that drive happened to hold my C: partition, which meant I had to reinstall Windows on my other hard drive. I'm working on reinstalling Linux as well but I am having problems with the installer discs I've burned. I think one or more of them is corrupted.

What is even worse is the fact that this particular hard drive also held my "My Documents" partition. I lost my local copy of spywareinfoforum.info. I lost four years worth of pictures I had collected. I lost my copies of all the stuff I've written for other publications. I even lost a book that I was writing and all the background notes for it.

I also lost every single email that came in before December 14. If you sent an email before then, expected a reply and haven't received one, there isn't going to be one unless you send it again.

To top it all off, the program that I use to save all of my passwords was on that drive. Until I figure out how to reset their passwords, I can't log into the control panel for the spywareinfoforum.info or forums.spywareinfoforum.info web servers, the DNS servers for all of my web sites or the proxy servers that fight off the DDoS attacks that come my way occasionally.

Yes, I used a backup program. No, I didn't include the documents in the backups. I only backed up the partitions that contained Windows. I thought the worst thing that could happen was that Windows would die and I would have to restore a disk image. I had Windows installed on both hard drives, so I thought I was pretty well covered. It never occurred to me that a whole hard drive would die with absolutely no warning at all. From now on, I definitely will be backing up *everything*.

I don't know what to do with this disk. Some people have suggested sticking the drive in a plastic bag and freezing it for 24 hours. I'm going to give that a try to see if I can copy my data off of it. If that doesn't work, I guess I'll have to look for a data recovery service that doesn't want my entire life savings.

Permalink | Top

One of the things I lost when my hard drive died was the contact information for people who had volunteered to talk to the press about their spyware infection. I need everyone who is interested to send their information to me again.

From time to time, I receive a letter from a reporter who wants to discuss spyware and browser hijackers. Usually, this is not long after they, or a friend, have become infected with one or the other. Occasionally, these reporters want to interview people who have had to remove spyware or a browser hijacker.

I have started a small database of people who have been infected with malware in the past and people who help to fix malware infections. If you have been infected with spyware or a browser hijacker or are someone who helps other people fix infections and would be willing to talk to the media about it, please send an email to press@spywareinfoforum.info.

This is the information I need:

How you became infected if you know
What you were infected with if you know
How long you were infected before fixing it
How you fixed it (ie. Spybot, Ad-aware, a message board, etc)
The city and country in which you are located or are near
A working email address

I won't give your email address to the reporter, if one from your area writes (or to anyone else for that matter). Instead, I will reply to your email with the reporter's contact information. I know from experience that a large number of you are going to email, so I won't be able to respond to these emails. Thank you in advance for participating in this.

Permalink | Top

I made a cool discovery the other day. Trend Micro Europe has an online antivirus scanner that anyone can use without the need to install an antivirus program. Use of the scanner is free.

There are, of course, several antivirus web sites that have these scanners. These other scanners all require ActiveX. That requires Internet Explorer. A large and growing number of people refuse to use Internet Explorer for any reason. There also are millions of people who don't use Windows at all and couldn't use Internet Explorer even if they wanted.

The scanner at Trend Micro Europe requires only that your browser have a Java plugin. You can use Mozilla, Firefox, Netscape or Opera. You also can use this scanner if your computer is running Linux or Solaris. Macintosh is not listed as a supported operating system.

I tried the scanner using Firefox and it took roughly ten minutes to scan my computer. I had downloaded all of the files at spywareinfoforum.info the night before to replace what I had lost when my hard drive keeled over. It found and identified about 63 of the spyware files I had downloaded from a forgotten directory on the site. It didn't miss very many files. That is a pretty impressive performance, especially considering that antivirus programs have had a poor record for detecting spyware until recently.

This sort of scanner is fine for occasional use or if you cannot install a regular antivirus for some reason. It is much safer to install antivirus software directly onto your computer. For Windows users, I strongly recommend Nod32. It is more than worth the money.

Permalink | Top

Last issue, I poked fun at two adware companies for going to war with each other. This week I have another funny one. A federal judge in Denver has ordered three spammers to pay an internet service provider ONE BILLION DOLLARS in damages. When I read this story and, after I had picked up my jaw and put it firmly back into place, I laughed for a good ten minutes.

The spammers in question failed to appear at court, so the judge declared a default judgement against them. Under an Iowa state law, the ISP is eligble to recover $10 per spam message from each of the spammers. Since the Racketeering Influenced Corrupt Organization (RICO) Act also was invoked, the damages were tripled.

Permalink | Top

The company which makes the SuperAdBlocker program is offering free pop-up and spyware blocking software to US Military personnel. If you are interested, full instructions are located at http://www.superadblocker.com/troops. There are only 10 days left before this offer expires on January 1, 2005.

Permalink | Top

The Daily Times has published an interesting editorial about privacy. The editor makes the point that some privacy laws and practices have led to some absurd situations. For instance, hurricane victims in Florida recently were unable to receive federal assistance because the Federal Emergency Management Agency refused to say where they had located them. They were concerned with violating a privacy act.

Right now, the father of a US Marine trooper killed in action in Iraq is begging Yahoo to let him access his son's Yahoo Mail account. Yahoo has refused, citing their privacy policy.

I find that to be an odd stance coming from this company. A few years ago, Yahoo created a new privacy policy option, allowing users to opt out of receiving advertisements from some of Yahoo's businesses. That sounds like a good option to have, until you hear how they implemented it. They made it so that the default option was to allow Yahoo businesses to send the advertisements and even opted existing users in without their permission. They had to log in and redo their settings and that was if they were fortunate enough to learn about it in the first place.

Perhaps if that Marine's father had a product to advertise, then Yahoo would give him access to his dead son's email account.

In many cases, there is not enough privacy protection on the books. See my recent rants about SBC Communications for a good example of that. In other cases, there are privacy laws in place that inconvenience the public far more than they protect them. Personally, I lay the blame for this squarely on the doorstep of the corporate lobbyists who spend millions to water down every single privacy law that comes up for discussion. Most good and sensible privacy legislation becomes amended, rewritten and edited to the point that it no longer serves the function for which it originally was intended.

Of course, there is what happened to California's privacy law. The bank lobby fought to stop California from passing sweeping privacy legislation that would have prevented banks from selling customer information. They failed. Rather than accept failure, they reached into their bottomless pit of funds and showered the US Congress with money. They succeeded in having a federal law passed that did not include California's privacy protections and the federal law overruled California's state law. It must be nice when you have the money to dictate policy to the world's only superpower.

Another example of an unintended consequence brought about by a privacy law is what happened recently in Washington state. A 17-year old kid was put on trial for snatching a purse. He was arrested after he admitted committing the crime to his girlfriend. It turns out the girl's mother was eavesdropping on her telephone conversations. The judge, seeing that the evidence in the case was obtained illegally, threw out that evidence.

People have derided the judge's decision. He has been accused of everything from being a liberal activist legislating from the bench to being a nut job who threatens their right to raise their children as they see fit. In fact, the judge made a very conservative decision. The evidence was collected in violation of an established law. To allow the evidence would have been creating an exemption to the law, the very thing he incorrectly is being accused of doing.

Other people agree with the judge and say that what the mother in this case did was a gross violation of her child's privacy. They believe that turning the home into a KGB surveillance station only turns children against their parents.

I've tried to stay away from this argument. I figured that since I am not a parent that I shouldn't say anything. However, even without being a parent, I think I can look at this question fairly.

On the one hand, I used to be a kid. It infuriated me to find mail, addressed to me, lying opened when I came home. I resented and resisted any effort to snoop into my life. From a kid's point of view, having a parent secretly snooping around in their life is viewed as a betrayal, not as good parenting. To kids, the people they have implicitly trusted their entire life have violated that trust and no longer deserve it.

I knew plenty of girls at school who kept diaries. They would tell stories about how they had discovered their parents (almost always the mother) snooping around to find the diary so they could read it. The idea of reading someone's diary... that is a betrayal so profound that I don't even know how to describe it. A diary is a written extension of someone's mind. What is written in a diary is not meant to be read by anyone but the writer. That's why most of them come with locks.

One girl that I knew in high school walked in and caught her mother reading her diary. She was so angry that she slapped her mother and stormed out of the house. She went to live with her older sister and never went back. They did start speaking again but she was still bitterly angry about it almost a year later.

On the other hand, I am no longer a kid (to anyone under 40 anyway). As an adult, I can look back on my life as a kid and shudder at how badly I almost messed it all up. My parents divorced when I was very young and my mother had to work long hours to support us. As a result, I had far more freedom than was safe for a kid. Once I became a teenager, and especially after I got my drivers license, I was in serious need of reigning in.

I drank. I smoked pot and cigarettes. I stole cigarettes and alcohol from stores because I was too young to buy it myself. I drove around, sometimes with up to five or six other kids in the car, drunk as a lord.

By the time I was 17, I had been arrested once for possession of marijuana, once for drunk driving and twice for drinking under age. I also had dropped out of school. I did all the things that overbearing, over protective parents usually prevent their kids from doing. It's a miracle that I didn't end up in prison or as junkie rotting on the street.

I come down on the side of parents in this argument. The sad truth is, kids are dumb. They do dumb things. They need protection from themselves and it is the parents' job to do that. Kids deserve some privacy and will never stop resenting a parent that doesn't respect that. On the other hand, giving them too much privacy and freedom is dangerous. For their own good, there has to be a firm limit on just how much privacy and freedom they have.

"You'll understand when you're older" may sound like simpleminded nonsense to a kid but, eventually, that is just what happens. Take it from someone who finally grew up.

Permalink | Top

I do not intentionally link to web sites that require registration before allowing visitors to read the article. At the time I read these articles, I was not required to register. If one of these sites requires that you register before allowing you to read the article, please let me know and I will blacklist that site.

http://www.cnn.com/2004/US/12/15/sneaky.surveillance.ap/index.html :: Casino fined for security camera ogling

http://www.epic.org/privacy/postal/ :: Postal Service Privacy (lack thereof)

http://www.enterpriseitplanet.com/security/features/article.php/3450061 :: How Spyware Took the Next-Gen Threat Crown

http://www.webpronews.com/it/itmanagement/wpn-18-20041220HowToStopSpywareFromInfectingYourSystem.html :: How To Stop Spyware From Infecting Your System

http://www.signonsandiego.com/news/nation/20041220-9999-1n20licenses.html :: New ID rules cause worries over privacy

http://news.com.com/ComScore+Spyware+or+researchware/2100-1032_3-5494004.html?tag=st.num :: ComScore: Spyware or 'researchware'?

http://www.dailyherald.com/business/business_story.asp?intid=3834176 :: Free Firefox browser resists spyware

http://washingtontimes.com/upi-breaking/20041218-034422-4024r.htm :: New law allows for no-fly appeals

http://www.eweek.com/article2/0,1759,1741981,00.asp :: Webroot Adds Bandwidth Throttling to Anti-Spyware Offering

http://www.gripe2ed.com/scoop/story/2004/12/20/8257/4850 :: A Fatal Blow to Shrinkwrap Licensing?

http://www.palmbeachpost.com/opinion/content/opinion/epaper/2004/12/21/a14a_acluedit_1221.html :: The ACLU vs. the ACLU

http://news.yahoo.com/news?tmpl=story&cid=1895&u=/nm/20041221/us_nm/tech_aol_spam_dc&printer=1 :: Judge Refuses to Accept Guilty Plea on Spam